The vulnerability of the Jenkins automation server, related to the absence of an authentication procedure that allows attackers to create parent directories in FilePath#mkdirs.

The vulnerability of the Jenkins automation server lies in the absence of authentication procedures. Exploiting this vulnerability allows a malicious actor to create parent directories in FilePathmkdirs from a remote location...

jenkins: FilePath#mkdirs does not check permission to create parent directories

An incorrect permissions validation vulnerability was found in Jenkins. The FilePathmkdirs does not check permission to create parent directories, which may allow an attacker who controls the agent process to get read and write arbitrary files on the Jenkins controller file system...

Jenkins 访问控制错误漏洞

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . Jenkins has an Access Control Error vulnerability that stems from FilePathmkdirs create parent directory operation is n...

PT-2021-5284 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier Jenkins LTS versions 2.303.2 and earlier Description: The issue is related to a lack of authorization procedure in the Jenkins automation server. This allows a remote attacker to create parent directories in...